The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical Microsoft Windows vulnerability to its Known Exploited Vulnerabilities (KEV) catalog. The flaw in the Windows Common Log File System (CLFS) driver, tracked as CVE-2025-29824, is being actively exploited…
[[{“value”:”CISA has added fresh CentreStack and Windows CLFS vulnerabilities to the Known Exploited Vulnerabilities catalog. The post CISA Urges Urgent Patching for Exploited CentreStack, Windows Zero-Days appeared first on SecurityWeek.”}]] Read More
Microsoft said the zero-day flaw has been exploited in the Storm-2460 ransomware attacks to deploy the PipeMagic malware. Read More
Microsoft has revealed that a now-patched security flaw impacting the Windows Common Log File System (CLFS) was exploited as a zero-day in ransomware attacks aimed at a small number of targets.
"The targets include organizations in the information technology (IT) and real estate sectors of the United States, the financial sector in Venezuela, a Spanish software company, and the retail sector in
Microsoft has released security fixes to address a massive set of 126 flaws affecting its software products, including one vulnerability that it said has been actively exploited in the wild.
Of the 126 vulnerabilities, 11 are rated Critical, 112 are rated Important, and two are rated Low in severity. Forty-nine of these vulnerabilities are classified as privilege escalation, 34 as remote code
Microsoft today released updates to plug at least 121 security holes in its Windows operating systems and software, including one vulnerability that is already being exploited in the wild. Eleven of those flaws earned Microsoft’s most-dire “critical” rating, meaning malware…
A critical zero-day vulnerability in the Windows Common Log File System (CLFS) has been uncovered and is being actively exploited by a ransomware group. The vulnerability Tracked as CVE-2025-29824, this elevation of privilege flaw has been targeted in attacks against…
[[{“value”:”Patch Tuesday: Microsoft ships urgent cover for another WIndows CLFS vulnerability already exploited in the wild. The post Microsoft Patches 125 Windows Vulns, Including Exploited CLFS Zero-Day appeared first on SecurityWeek.”}]] Read More
Microsoft’s April 2025 Patch Tuesday update has arrived, delivering critical fixes for 121 security vulnerabilities across its broad suite of software products. This month’s update addresses a significant array of threats, including elevation of privilege, remote code execution, and a…
A critical zero-day vulnerability in the Windows Common Log File System (CLFS) driver, tracked as CVE-2025-29824, has been actively exploited in the wild. This security flaw allows attackers to elevate privileges to SYSTEM level, posing a significant risk to affected…
